Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Passive client, multicast, and WLC configuration

                   Hello,

I need to implement multicast for passive clients on a network which is in use.

It is composed of 2 WLC 2504 (7.4) in mobility group.

Routing & Firewalling is done by ASA 5585.

Switches are 2960.

After doc study, I defined a configuration, and I prefer to ask for advices in case of I forgot something or I'm wrong on others.

1. Delete AP & SSID from AP Group ("The passive client feature is not supported with the AP groups and FlexConnect centrally switched

WLANs.")

2. Broadcast the SSID only on this AP.

3. Enable multicast-multicast with 239.3.20.100 for 1st WLC, and 239.3.20.101 for 2nd WLC

4. Enable multicast global mode for both WLCs

5. Enable IGMP Snooping global mode for both WLCs

6. Enable Passive Client on the SSID

7. Disable Require DHCP on the SSID

8. Disable Proxy DHCP global mode for both WLCs

That's all.

Is there a config to do on the ASA, on the switches ? (ip pim sparse-dense, etc...)

Thank yo ufor your help.

Clement

2 REPLIES

Passive client, multicast, and WLC configuration

Hi mate,

Do you really need passive clients using multicast in the first place? While this might not seem complicated, without any multicast experience could give yourself some headache.

Basically if you follow this config you will be able to cover most of the WLC part. As multicast packets will travel inside the same VLAN (if anyone else can correct me), I don't see any config needed on your ASA.

Only on switches, you could add the global command: ip igmp snooping.

Community Member

Passive client, multicast, and WLC configuration

Yes I need passive clients.

The customer WLAN network is composed of groups of equipements:

For each group there is an AXIS wireless modem which is in bridge mode.

It do association & authentication with WPA2 key, then 802.1x MSCHAPv2 credentials.

Behind the AXIS, there are 4 equipements in static IP adress, which have to contact 4 different servers.

Currently, authentication with radius server are good only for 30% of groups, and for us, only one equipement have connectivity on the network, the 3 others cannot contact their servers located on wired network.

668
Views
0
Helpful
2
Replies
CreatePlease to create content